[MacTUG] Managing Mac Fleet

Glenn Anderson anderson at uwaterloo.ca
Fri Jan 5 09:40:52 EST 2024 

Hi Stephen,

From what I can see, InTune should be all that one needs to manage Macs as it provides the necessary management tools and such.

Looking at https://learn.microsoft.com/en-us/mem/intune/fundamentals/deployment-guide-platform-macos I see that one can configure device settings such as wi-fi, wired, VPN, add and managed OS extensions and such. It allows the deploying of apps. One can also run remote actions as well.



On Jan 4, 2024, at 2:52 PM, Stephen Markan <smarkan at uwaterloo.ca> wrote:

The EndPoint Management project is running and looking at InTune as part of a hybrid management ecosystem

InTune cannot replace SCCM but it can compliment and enhance what SCCM offers - and is useful for providing basic management of devices to ensure security compliance even if no other management is provided

InTune would also enhance what Munki provides; as InTune would be the MDM and Munki the management tool.


Stephen Markan
IST Client Services

Best Before: April 17, 2025
________________________________
From: MacTUG <mactug-bounces at lists.uwaterloo.ca> on behalf of Shivam Patel <s545patel at uwaterloo.ca>
Sent: January 4, 2024 11:23
To: Donald Duff-McCracken <dsmccrac at uwaterloo.ca>; Kate Wood <kate.wood at uwaterloo.ca>; Devon Merner <devon.merner at uwaterloo.ca>; Lowell Williamson <llwillia at uwaterloo.ca>; mactug at lists.uwaterloo.ca <mactug at lists.uwaterloo.ca>; Glenn Anderson <glenn.anderson at uwaterloo.ca>
Subject: Re: [MacTUG] Managing Mac Fleet

Thanks for all of your input so far. It’s been extremely helpful knowing where the state is at for all of your respective teams.


I’ve done some preliminary research and have realized that Mac Administration is all over the place. A lot of the communities recommend JAMF but as stated in this thread if Intune is the long term approach I don’t think it’s worth the temporary investment, JAMF also appears to be complex in its own right which may take time to implement properly. I am currently looking at Munki which appears to cover the software-updates part of management but Im not sure if it will provide full MDM capabilities, from what I’ve read it’s to be used in conjunction with an MDM solution to fill in the gaps for patch management. I agree that we should get IST involved just to understand timelines and the roadmap, I’ve also read that the current state of Intune isn’t the best for managing Mac Fleets as it appears that a lot of features seem to be missing(Link to the first post in the reddit thread discussing Intune for Mac Management).


https://www.reddit.com/r/macsysadmin/comments/10lp8x1/macos_and_microsoft_intune_mdm_2023/





From: Donald Duff-McCracken <dsmccrac at uwaterloo.ca>
Sent: Thursday, January 4, 2024 11:11 AM
To: Kate Wood <kate.wood at uwaterloo.ca>; Devon Merner <devon.merner at uwaterloo.ca>; Lowell Williamson <llwillia at uwaterloo.ca>; Shivam Patel <s545patel at uwaterloo.ca>; mactug at lists.uwaterloo.ca; Glenn Anderson <glenn.anderson at uwaterloo.ca>
Subject: Re: Managing Mac Fleet



I know this conversation has started only an hour or so ago, but clearly we need to get IST in on this convo. I attend CTSC so I can bring this up as some issues have caused this project to stall out a bit.



I do know that there is (was?) a project ongoing to look at a campus wide solution and like Kate, I think/hope that intune is the answer.



Some of us were using a plug in to SCCM (Parallels Mac Manager for SCCM) that was pretty good but it hit a dead end. The IST SCCM folks (John and Mike) were awesome at helping with this. I do think there is interest from IST’s perspective on exploring management options, as having all these feral macs presents many challenges.



Some random points to add:

  1.  Like Health we were using the ancient Mac Profile Manger and for our (now defunct Mac lab) Apple Remote Desktop and a pile of scripts to manage things. Our staff/faculty macs are purely feral with their owners (who are all responsible, knock on wood) having admin access
  2.  Not to speak for Arts, but I do know that they, and other folks are using MUNKI and other tools
  3.  I love JAMF, but as I am sure that Math and CS can attest to, in addition to the cost there is a labour cost as well. That is why I loved the idea of the SCCM plug in in that it theoretically leveraged infrastructure and experience we have with SCCM.







From: MacTUG <mactug-bounces at lists.uwaterloo.ca<mailto:mactug-bounces at lists.uwaterloo.ca>> on behalf of Kate Wood <kate.wood at uwaterloo.ca<mailto:kate.wood at uwaterloo.ca>>
Date: Thursday, January 4, 2024 at 10:47 AM
To: Devon Merner <devon.merner at uwaterloo.ca<mailto:devon.merner at uwaterloo.ca>>, Lowell Williamson <llwillia at uwaterloo.ca<mailto:llwillia at uwaterloo.ca>>, Shivam Patel <s545patel at uwaterloo.ca<mailto:s545patel at uwaterloo.ca>>,mactug at lists.uwaterloo.ca<mailto:mactug at lists.uwaterloo.ca> <mactug at lists.uwaterloo.ca<mailto:mactug at lists.uwaterloo.ca>>
Subject: Re: [MacTUG] Managing Mac Fleet

Would the people with solutions maybe give us a ballpark for pricing?



--
Kate Wood, MSc.
Manager, Client Services
Computing Facility, Faculty of Science
Physics 2004 (by appointment)
519 888 4567 x45973 (Teams is better)
<image001.jpg>



From: Devon Merner <devon.merner at uwaterloo.ca<mailto:devon.merner at uwaterloo.ca>>
Sent: Thursday, January 4, 2024 10:45 AM
To: Lowell Williamson <llwillia at connect.uwaterloo.ca<mailto:llwillia at connect.uwaterloo.ca>>; Kate Wood <kate.wood at uwaterloo.ca<mailto:kate.wood at uwaterloo.ca>>; Shivam Patel <s545patel at uwaterloo.ca<mailto:s545patel at uwaterloo.ca>>;mactug at lists.uwaterloo.ca<mailto:mactug at lists.uwaterloo.ca>
Subject: Re: Managing Mac Fleet



CSCF and MFCF use Jamf Pro.



Although I think MFCF might still be hosting their MDM on premises whereas CSCF has moved out Jamf Pro instance to Jamf Cloud.
________________________________
From: MacTUG <mactug-bounces at lists.uwaterloo.ca<mailto:mactug-bounces at lists.uwaterloo.ca>> on behalf of Lowell Williamson <llwillia at connect.uwaterloo.ca<mailto:llwillia at connect.uwaterloo.ca>>
Sent: Thursday, January 4, 2024 10:42:12 AM
To: Kate Wood <kate.wood at uwaterloo.ca<mailto:kate.wood at uwaterloo.ca>>; Shivam Patel <s545patel at uwaterloo.ca<mailto:s545patel at uwaterloo.ca>>; mactug at lists.uwaterloo.ca<mailto:mactug at lists.uwaterloo.ca> <mactug at lists.uwaterloo.ca<mailto:mactug at lists.uwaterloo.ca>>
Subject: Re: [MacTUG] Managing Mac Fleet



We are moving off our Profile Manager
<image002.png>
And are eagerly waiting for InTune.



Thanks.



--
Lowell
_________



____________________________________
Lowell L. Williamson
Faculty of Health IT Specialist | University of Waterloo | LHN 1629 | ext. 42326
Email: llwillia at uwaterloo.ca<mailto:llwillia at uwaterloo.ca> / <image003.png> Chat with me on Teams<https://teams.microsoft.com/l/chat/0/0?users=llwillia@uwaterloo.ca> / Mobile: +1 519 590 9528
Book me for a service <https://outlook.office365.com/owa/calendar/LowellWilliamsonAHSITSpecialist@uofwaterloo.onmicrosoft.com/bookings/s/DT78_dCcIkqq0QDetxXFyQ2>



From: MacTUG <mactug-bounces at lists.uwaterloo.ca<mailto:mactug-bounces at lists.uwaterloo.ca>> On Behalf Of Kate Wood
Sent: Thursday, January 4, 2024 10:32 AM
To: Shivam Patel <s545patel at uwaterloo.ca<mailto:s545patel at uwaterloo.ca>>; mactug at lists.uwaterloo.ca<mailto:mactug at lists.uwaterloo.ca>
Subject: Re: [MacTUG] Managing Mac Fleet



We aren't using anything atm. Waiting for InTune to see what it does. I know other units are using jamf and munky.



Get Outlook for Android<https://aka.ms/AAb9ysg>
________________________________
From: MacTUG <mactug-bounces at lists.uwaterloo.ca<mailto:mactug-bounces at lists.uwaterloo.ca>> on behalf of Shivam Patel <s545patel at uwaterloo.ca<mailto:s545patel at uwaterloo.ca>>
Sent: Thursday, January 4, 2024 9:58:42 AM
To: mactug at lists.uwaterloo.ca<mailto:mactug at lists.uwaterloo.ca> <mactug at lists.uwaterloo.ca<mailto:mactug at lists.uwaterloo.ca>>
Subject: [MacTUG] Managing Mac Fleet



Hey Folks,

I’m a Senior System Administrator from the Library. Recently we’ve noticed an increase in requests for Mac machines and this has raised the need for a solution to manage them. I’m curious what other groups are using from an administrative perspective to keep Software and Core OS patches up to date. Feel free to suggest any solutions you are using.





Regards,
Shiv Patel

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uwaterloo.ca/pipermail/mactug/attachments/20240105/c8a56d5e/attachment-0001.html>

More information about the MacTUG mailing list